Condusiv Technologies Blog

Condusiv Technologies Blog

Blogging @Condusiv

The Condusiv blog shares insight into the issues surrounding system and application performance—and how I/O optimization software is breaking new ground in solving those issues.

Undelete Can Do That Too?

by Gary Quan 30. August 2017 04:46

You may have already heard countless customers tout the file recovery features of Condusiv’s Undelete® and how IT Pros use it as a recycle bin on file servers for real-time protection, so they don’t have to dig through backups to recover deleted or overwritten files. Although this is Undelete’s primary function, Undelete provides more than just this. 

What most people do not know is that Undelete also provides features to keep your data secure and visibility into who deletes files from file servers.

When a file is deleted, many assume that file data is now safe from being seen by others. Not so fast. When data gets deleted on a Windows volume, the data does not get removed. The space where that file data was residing is just marked as available for use, but the original file data is still there and will remain there until that space is overwritten by some other file data. That may or may not happen for quite a while. This means, that ‘deleted’ file data could still be potentially read. 

So, what do you do if you really want your file data gone when you delete it?  Undelete has the answer with two features. The first feature is “SecureDelete.”  When a file is deleted, SecureDelete will first over-write the file to help ensure it is unrecoverable. In fact, this is done by overwriting it with a specific bit pattern specified for this purpose by the U.S. National Security Agency (NSA) for the Department of Defense (DOD).  The second feature is “Wipe Free Space”, which will overwrite any free space on a selected volume, using the same specific bit patterns as SecureDelete to clear out any previously written data in that free space.

Now, with these two features, when you delete a file, you know it is now virtually impossible to read/recover any of that data from that volume.

Along with file security, there are customers using Undelete as another precautionary security: check how many files are being deleted from file shares and by whom. If they ever detect an abnormal, substantially high number of files being deleted, that raises a flag for them to investigate further.

Although Undelete is usually purchased to recover files, others use it to securely delete files and track back any deleted files to the person who did it.

Tags:

Data Protection | File Protection | Undelete

FAL Remediation and Improved Performance for MEDITECH

by Gary Quan 28. November 2016 12:11

When someone mentions heavy fragmentation on a Windows NTFS Volume, the first thing that usually comes to mind is performance degradation. While performance degradation is certainly bad, what’s worse is application failure when the application gets this error.

 

Windows Error - "The requested operation could not be completed due to a file system limitation“

 

That is exactly what happens in severely fragmented environments. These are show-stoppers that can stop a business in its tracks until the problem is remediated. We have had users report this issue to us on SQL databases, Exchange server databases, and cases involving MEDITECH EMR systems.

Some refer to this problem as the “FAL Size Issue” and here is why. In the Windows NTFS file system, as files grow in size and complexity (i.e., more and more fragmented data), they can be assigned additional metadata structures. One of these metadata structures is called the File Attribute List (FAL). The FAL structure can point to different types of file attributes, such as security attributes or standard information such as creation and modification dates and, most importantly, the actual data contained within the file. In the extremely fragmented file case, the FAL will keep track of where all the fragmented data is for the file. The FAL actually contains pointers indicating the location of the file data (fragments) on the volume. As more fragments accumulate in a file, more pointers to the fragmented data are required, which in turn increases the size of the FAL. Herein lies the problem: the FAL size has an upper limitation size of 256KB. When that limit is reached, no more pointers can be added, which means NO more data can be added to the data file. And, if it is a folder file, NO more files can be added under that folder file.

If a FAL reaches the size limitation, the only resolution was to bring the volume offline, which can mean bringing the system down, then copying the file to a different location (a different volume is recommended), deleting or renaming the original file, making sure there is sufficient contiguous free space on the original volume, rebooting the system to reset the free space cache, then copying the file back. This is not a quick cycle, and if that file is large in size, this process can take hours to complete, which means the system will remain offline for hours while attempting to resolve.

You would think that the logical solution would be – why not just defragment those files? The problem is that traditional defragmentation utilities can cause the FAL size to grow. While it can decrease the number of pointers, it will not decrease the FAL size. In fact, due to limitations within the file system, traditional methods of defragmenting files cause the FAL size to grow even larger, making the problem worse even though you are attempting to remediate it. This is true with all other defragmenters, including the built-in defragmenter that comes Windows. So what can be done about it?

 

The Solution

Condusiv Technologies has introduced a new technology to address this FAL size issue that is unique only to the latest version of V-locity®  for virtual servers and Diskeeper® for physical servers. This new technology called MediWrite™ contains features to help suppress this issue from occurring in the first place, give sufficient warning if it is or has occurred, plus tools to quickly and efficiently reduce the FAL size. It includes the following:

Unique FAL handling: As indicated above, traditional methods of defragmentation can cause the FAL size to grow even further. MediWrite will detect when files are having FAL size issues and will use a proprietary method of defragmentation that keeps the FAL from growing in size. An industry first!

Unique FAL growth prevention: Along with MediWrite, V-locity and Diskeeper contain another very important, patented technology called IntelliWrite® which automatically prevents new fragmentation from occurring. By preventing fragmentation from occurring, IntelliWrite minimizes any further FAL size growth issues.

Unique Offline FAL Consolidation tools: The above technologies help stop the FAL size from growing any larger, but due to File System restrictions, it cannot shrink or reduce the FAL size online. To do this, Condusiv developed proprietary offline tools that will reduce the FAL-IN-USE size in minutes.  This is extremely helpful for companies that already have a file FAL size issue before installing our software. With these tools, the user can reduce the FAL-IN-USE size back down to 100kb, 50kb, or smaller and feel completely safe from the maximum FAL size limits. The reduction process itself takes less than 5 minutes. This means that the system will only need to be taken offline for minutes which is much better than all the hours needed with the current Windows copy method.

FAL size Alerts: MediWrite will dynamically scan the volumes for any FAL sizes that have reached a certain limit (the default is a conservative 50% of the maximum size) and will create an Alert indicating this has occurred. The Alert will also be recorded in the Windows Event log, plus the user has the option to get notified by email when this occurrence happens.

 

For more information, see our MEDITECH Solution Brief

 

 

 

Tags:

Diskeeper | Disruption, Application Performance, IOPS | General | IntelliMemory | IntelliWrite | MEDITECH | V-Locity

Additional benefits from our products

by Gary Quan 3. March 2011 08:06

As the CTO, one of the biggest joys I get is hearing back from customers on the benefits that our products have provided them.  I also find it very interesting how users find other benefits that we had not intentionally planned for the product. For example, one IT Manager would periodically execute a CHKDSK command on all of the disks of his user’s Windows’s systems. The CHKDSK command checks the file system integrity and can fix some logical errors if found.  The IT Manager did this as a preventative measure to catch and fix any logical disk errors before they could cause serious problems. This is a tedious process and can require a reboot in some cases, especially if executed on the system disk.  This IT Manager found an easy way to get this accomplished with Diskeeper. One Diskeeper feature is Boot-Time Defragmentation which will defragment files that cannot be safely defragmented while Windows is running, so it is run during the boot-up process. With Diskeeper, a user can schedule when this Boot-Time Defragmentation will occur and also add the option to perform a CHKDSK as part of the process.  The IT Manager used this feature to automatically schedule for the CHKDSK command to occur at a time that would not impact the users and he would not have to be there to manually perform it. At the same time, he also got the benefit of Boot-Time defragmentation.  If you have any other uses from our products, please send the feedback so I can hear about them.  Use the ‘Diskeeper Feedback’ feature in the Diskeeper product. This is under the ‘Action’ menu option.

Gary Quan

CTO – Diskeeper Corporation

Tags:

Diskeeper

Month List

Calendar

<<  September 2017  >>
MoTuWeThFrSaSu
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678

View posts in large calendar